I was writing some instructions on how to install something (TeX-related - if you don't ask, I won't ruin your day by supplying more details) and used sudo to install system-wide. Someone commented that they didn't think that sudo was available on all Linux (or Unix) distributions.

Are there Unix distributions that don't have sudo, and if so what are they? Is there a universally acknowledged "Get me superuser privileges" command that is on all systems?

4 Answers
4

sudo is installed by default on Red Hat Enterprise Linux and its derivatives,1 but it only installs ready-to-use in RHEL 7 and newer.

Red Hat Enterprise Linux 7 added a new option to the installation screen where you create the first non-root user, a checkbox labeled "Make this user administrator." Its purpose is not documented on that page of the installation guide, but one of its effects is to allow that user to run any command through sudo. It does so by adding that user to the wheel group, which can run any command in the stock sudo configuration.

Red Hat Enterprise Linux 3 through 6 also installed sudo by default,2 but until RHEL 7, it shipped configured such that only root could run commands through it. The easiest way to fix this is to add one or more users to the wheel group, then run visudo as root and uncomment the %wheel ALL=(ALL)... line.

A minimal installation of Debian 7 (Wheezy) does not include sudo.

However, if you select the "Standard system utilities" package set during installation, it does install sudo, and it will automatically add the non-administrative user you created earlier to the sudo group, which has permission to run all commands.

This is not true of Debian 6 and earlier. For those older systems, you had to install sudo via apt-get after installation and configure it by hand.

sudo is not installed by default in FreeBSD or NetBSD. You have to build it from Ports.

OpenBSD — being the security-focused BSD flavor — does ship with sudo installed by default, but it is configured much like in RHEL 3 through 6, so that only root can run commands through it, which rather defeats the purpose of sudo.

If you added a non-root user during installation, it was added to the wheel group, so the simplest way to make sudo useful on an OpenBSD system is to uncomment the %wheel ALL=(ALL)... line via visudo.

Solaris 11 ships with sudo installed by default, but Solaris 10 and older use the similar-but-not-quite-the-same pfexec.

You can get sudo for older systems, but defaults matter. Solaris 10 and older will be with us for years, so if you have Solaris in your environment and you're not personally in control of those systems and so can ensure sudo is there, you can't count on it.

The older the system, the greater the chance it doesn't have sudo. Although sudo is very old, it didn't start becoming popular until the mid-2000s. Systems older than that are highly unlikely to have sudo.

Unix boxes tend to live a long time, so it is not inconceivable that you would still run across such a system today.

I only count on sudo on systems I personally manage, or ones like Ubuntu, OS X, or openSuSE where it's the only way to get root privileges, by default.

su is closer to a universal "get me superuser privileges" command than sudo. But then you have systems like Ubuntu and OS X where the root account is locked by default specifically to force you to use sudo instead of su. So, you can't call su universal, either.

sudo is a utility that is available on almost all Linux-Systems.
However, it is not bundled by default in all distros. All major distros have it bundled by default though..

Linux Distributions like Arch Linux, Gentoo, LFS, etc. which allow the user complete customisability do not have sudo by default.

On Arch Linux, the base system does not come with sudo installed. The user must manually download sudo and edit the sudoers file.
Ditto for Gentoo and LFS. I dont know of any other major distro without sudo.

And no, I don't think there exists anything that is more universal than sudo in granting super-user privileges. That is apart from actually logging in as root.

The most widely-used distribution, Ubuntu, uses sudo as the recommended method to become root (when using the command line — users who stick to the GUI will get a password prompt without understanding or caring about what happens under the hood). Other distributions may or may not encourage having sudo set up and may or may not even ship it. On the other hand, su is available everywhere, and usable on most systems except those where only sudo is available because the user won't have the root password.

Between su and sudo, you will cover almost all your users. The exotic few who need calife or op or pfexec know what to do already. Even if they don't, a system that uses neither su nor sudo is likely to have files in unfamiliar places and enough things you haven't thought of that your instructions probably won't work anyway.

To answer your question, most accurately, no sudo isn't considered universal. Truthfully the entire concept of 'universal', is often a red herring. This is especially true, with regard to cross-distro compatibility. Once your throw in the multitude of differing software versions, universality becomes semi-unrealistic. Scripting by nature is pragmatic, if it was pedantic, writing portable scripts would be practically impossible.

Normally I gauge my intended executing environment, A semi-modern Linux distribution, I expect a POSIX shell with the common GNU Utils. For scripts that could run outside of Linux, I only expect full POSIX standard.
Obviously many scripts are specific to Linux, or specific to distro, so that often narrows the portability scope.

But doesnt your script require that sudo be installed? Is there any way we can gain super-user access without the use of sudo? Through plain scripting?
–
darnirSep 18 '12 at 16:54

@darnir: No, the pasted script doesn't require sudo to be installed. It requires superuser execution, and can use sudo if it's available. If sudo isn't available, then the script must be run as the root user, or it will die.
–
TechZillaSep 18 '12 at 16:58

@darnir: Additionally there really is nothing called, "plain scripting". Almost everything, excluding shell built-ins, is done through regular binaries. That's the whole point of the shell, to call other commands, whether interactive or automated. It's this defining characteristic, which separates shell from general purpose programming languages. So regardless of how you acquire superuser, your doing it through external commands..., assuming your not coding with raw kernel interfaces.
–
TechZillaSep 18 '12 at 17:14

1

@varesa: Interestingly Ubuntu is the exact opposite on sudo/su default configurations. You can check what sudo permissions a user has available, by executing sudo -l. Unfortunately it's unusable in this situation, as it may require password entry. Thinking about this more carefully, I actually think the whole concept might be best achieved via a per distro test. Using su -c unless running a su default disabled distro, in which case using sudo su -c. As others have mentioned, it's best to leave superuser elevation to the user, I would consider any scrip-around a convenience.
–
TechZillaSep 30 '12 at 17:17

1

@varesa: I've updated the pasted script, to reduce chance of using an un-configured sudo. This should execute properly in most distro's, assuming default su/sudo configurations. I do know an out-dated Ubuntu, pre lsb_release, would need to be addressed... But this really is just an example, and could obviously be extended.
–
TechZillaSep 30 '12 at 18:00